we have a Virgo plan with 9 webapps inside. Each of them represents a 'plugin' and deployed to /webapp1 to /webapp9.

The goal is to integrate spring security as own bundle and secure all of this plugins without configuring spring security for each of them. The problem is, that all deployed bundles have their own application contexts and we don't how to intercept calls from /webappX and check for authorisation.

We already tried to create our own authenticationManager and provide it as a service to other bundles. But how we call authentication form/dialog from there? So we stuck at this point.

The idea of CAS Single Sign On will require to configure security context for all artifacts in the plan? If no configuration for webapps is needed, it should be the solution for this problem.